In many countries, including the United States, governments have begun mandating that mobile service providers must be able to determine the location of a mobile device with a certain degree of accuracy. For example, some mandates require that mobile service providers must be able to determine the location for a mobile device within a 100-meter radius of the mobile device. While the impetus behind these mandates has been the need to locate a mobile device for emergency services, a byproduct of the ability to determine the location of a mobile device is that the location information may be used by more than just emergency services. In fact, an entire location-based service industry has arisen around the ability to provide location information of a mobile device to so-called location consumers. Location consumers may include the mobile device user, family, friends, business owners, fleet managers, and the like.
Location information can be extremely valuable, hence the rise of the location-based service industry. However, location information can be extremely sensitive in nature. Mobile devices, including, but not limited to, mobile phones, personal digital assistants (PDAs), tablet and notebook computers, as well as many forms of hybrid devices, are usually viewed as personal items, i.e., personal to the mobile device user. As a personal item, a mobile device is usually kept in the personal possession of the mobile device user, and as such, the location of the mobile device closely corresponds to the personal location of the mobile device user. Thus, dissemination of location information is clearly a personal privacy issue. As such, care must be taken to protect the individual's personal location information. Typically, a mobile device user protects his privacy by establishing distribution controls over location information of his mobile device.
Clearly, location information, as personal information, can be used for nefarious or unauthorized purposes. Unfortunately, even when distribution controls are set in place with regard to location information, those that would make unauthorized use of location information are often able to bypass those controls and obtain the location information. For example, while a location-based service provider may impose strict distribution controls in regard to which location consumers may gain access to location information of a mobile device, a rogue administrator with super-user privileges could use those privileges to illegitimately access location information as it passes through the location-based service provider's facilities, easily compromising any distribution controls set in place. Alternatively, one who is eavesdropping on network communications between a location-based service provider and a legitimate location consumer may gain unauthorized access to the location information, again compromising the mobile device user's privacy.
While one of the services of a location-based service provider is to route location information from a mobile service provider to a location consumer, depending on the type of service requested, location-based service providers do not always need the actual location information related to a mobile device. In fact, as described above, the location-based service provider often represents a security weakness as location information passes from a mobile service provider to the location consumer. Accordingly, what is needed is a system and method for securely delivering location information from a mobile service provider to a location consumer in a secure manner. The present invention addresses these and other issues found in the prior art.